Re: ssh login fail

[Richard Megginson <rmeggins@xxxxxxxxxx>]

Steven Jones wrote:
> Is this the correct rpm to use on RHAS4-32bit-U5?
>
> fedora-ds-1.0.4-1.RHEL4.i386.opt.rpm
>   
Yes.
> Are there any dependencies on the server and clients not installed by
> default?  I have everything installed that I can see documented but its
> possible I have missed something, or there is an un-documented change as
> version upgrade. 
>   
rpm installation should tell you if you are missing some dependency of 
the server.
> How practical is it to rip out any RHAS4 ldap client modules software
> and install Fedora ones?
>   
I have no idea.
> Are there different password hash mechanisms between versions? If so how
> do I check for these?
>   
Fedora DS versions?  If so, yes.  I believe Fedora DS 7.1 supported only 
SHA, SSHA, and crypt.  Fedora DS 1.0.1 added MD5.  Fedora DS 1.0.4 added 
support for SHA and SSHA 256, 384, and 512.
> These might seem odd Q's but I'm kinda desperate as to why I cannot get
> the system working....
>
> regards
>
> Steven Jones
> Senior  Linux/Unix/San/Vmware System Administrator
> APG -Technology Integration Team
> Victoria University of Wellington
> Phone: +64 4 463 6272
>
> -----Original Message-----
> From: fedora-directory-users-bounces@xxxxxxxxxx
> [mailto:fedora-directory-users-bounces@xxxxxxxxxx] On Behalf Of Steven
> Jones
> Sent: Tuesday, 11 September 2007 8:31 a.m.
> To: General discussion list for the Fedora Directory server project.
> Subject: RE:  ssh login fail
>
> Yes.
>
> Thanks, I have this page book marked.
>
> Content looks identical to what I have...I have spent days on this
> googling with no joy. 
>
> Since a Debian LDAP client also does not work I suspect it is a server
> side FDS mis-configuration and not client side, but I could be wrong.
> Previously I had a Debian Openldap setup working and that was fine. So
> it looks like something is missing/broken in FDS.
>
> I find it interesting that yours is the only reply for what I assume is
> a default type of problem....suggests a poor likelihood of the product
> being supportable long term....
>
> regards
>
> Steven Jones
> Senior  Linux/Unix/San/Vmware System Administrator
> APG -Technology Integration Team
> Victoria University of Wellington
> Phone: +64 4 463 6272
>
> -----Original Message-----
> From: fedora-directory-users-bounces@xxxxxxxxxx
> [mailto:fedora-directory-users-bounces@xxxxxxxxxx] On Behalf Of Richard
> Megginson
> Sent: Tuesday, 11 September 2007 3:31 a.m.
> To: General discussion list for the Fedora Directory server project.
> Subject: Re:  ssh login fail
>
> Steven Jones wrote:
>   
> > Hi,
> >
> > I am trying to get a RHEL4 box to LDAP authenticate against FDS (also 
> > on RHEL4) and failing.....
> >
> > In the logs (messages) I have,
> >
> > Sep 10 13:30:52 vuwunicvfwall02 sshd(pam_unix)[2284]: authentication 
> > failure; logname= uid=0 euid=0 tty=ssh ruser= 
> > rhost=vuwunicvadmin02.res.vuw.ac.nz user=jonesst1
> >
> > Sep 10 13:30:52 vuwunicvfwall02 sshd[2284]: pam_ldap: ldap_simple_bind
> >     
>
>   
> > Can't contact LDAP server
> >
> > Sep 10 13:30:52 vuwunicvfwall02 sshd[2284]: pam_ldap: ldap_simple_bind
> >     
>
>   
> > Can't contact LDAP server
> >
> > Sep 10 13:31:05 vuwunicvfwall02 sshd(pam_unix)[2284]: 2 more 
> > authentication failures; logname= uid=0 euid=0 tty=ssh ruser= 
> > rhost=vuwunicvadmin02.res.vuw.ac.nz user=jonesst1
> >
> > Any ideas why? And how to fix? Also is there a way to search the 
> > archive for this list?
> >
> >     
> Have you seen this: http://directory.fedoraproject.org/wiki/Howto:PAM - 
> search for ssh
>   
> > When I do a,
> >
> > ldapsearch -x -h 130.195.87.249 -b dc=vuw,dc=ac,dc=nz "(ou=Users)"
> >
> > The server replies so FDS appears to be running OK....
> >
> > Also is there a way to search the archive for this list? I have tried 
> > Googling with no luck...
> >
> > regards
> >
> > Steven Jones
> > Senior Linux/Unix/San/Vmware System Administrator
> > APG -Technology Integration Team
> > Victoria University of Wellington
> > Phone: +64 4 463 6272
> >
> >
> >     
> ------------------------------------------------------------------------
>   
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users@xxxxxxxxxx
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >   
> >     
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users